Various devices and/or systems may operate in part based on a user's proximity to those devices and/or systems. For example, access control systems are designed to provide access to areas of a building for individuals who are authorized to access such areas, and deny access to those areas of the building to individuals who are not authorized to access such areas.
Previous approaches may use wireless beacons (e.g., iBeacon, Eddy Stone, etc.) for proximity-based applications. As an authorized user's mobile device enters a region (e.g., “geofence”) created by one or more beacons, access to a desired area may be granted, in some instances.
However, beacons can be spoofed and/or replicated by a nefarious entity (attacker), causing the proximity-based application to be compromised. For example, in an access control system using a beacon to trigger a door to open, an attacker can create a replica of the beacon and use it to trigger the door to open even when the user (i.e., the mobile device of the user) is located elsewhere outside the geofence.